Please refer to the steps below on how to update Gunicorn HTTP headers as a Security best practice.
Check the document below on exhaustive list of settings for Gunicorn.
Some settings are only able to be set from a configuration file. https://docs.gunicorn.org/en/latest/settings.html
- In the application root directory, create a file config.py with the server configurations.
import gunicorn gunicorn.SERVER ="undisclosed"
- In the Azure portal, within the Configurations tab, add the below start-up command. Restart the App Service.
gunicorn -c config.py –bind=0.0.0.0 –timeout 600 app:app
- Verify that the HTTP header changes are reflected via the Browser Developer Tools.